Blind XSS Bug Hunting Methodology


whoami ❓

I am Abhirup Konwar (aka LegionHunter). I work as a full-time bug hunter and dedicate the rest of the time to understanding the inner workings of open-source malware.🥷

I have reported over 1000 bugs on OpenBugBounty as well as on HackerOne and Bugcrowd, along with numerous Hall of Fame programs including NASA, American Systems (🥇Top 5 Bug Hunter) and self-hosted VDP + BBP, with bugs belonging to both the Client and Server Injection categories, Sensitive Information Disclosure & Broken Access Control.

What is Blind XSS

In this category of XSS, the attacker injects into every input field available to normal users in the hope that someone from support or an administrator will see it someday, or that internal applications will store and process it for data analysis and more. As an attacker, you never know where and when the trigger might succeed and deliver the details to your BXSS dashboard panel so that you can write the bug report. Bug hunting scope guidelines or policies usually state, for blind XSS specifically, that a report is valid and accepted only when it triggers within a week (exceptions excluded).
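The rendering side of this, as an added example that is not from the original article: a hypothetical internal ticket viewer that displays a stored form submission, first by string concatenation and then with output encoding. The ticket object, the function names and the CSP value are assumptions constructed for illustration.

```javascript
// Constructed sample: a ticket as stored from a public contact form.
// Every field is untrusted, including headers the client controls.
const storedTicket = {
  id: 4821,
  name: 'Jane <script>/*marker*/</script>',
  userAgent: 'Mozilla/5.0 "><img src=x onerror=void(0)>',
  message: 'My invoice total looks wrong & I need help.',
};

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode a value for use in HTML text and in quoted attribute values.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Vulnerable viewer: stored fields are concatenated into markup as-is,
// so markup submitted on the public form runs in the staff member's session.
function renderTicketUnsafe(t) {
  return `<tr><td>${t.id}</td><td>${t.name}</td>` +
         `<td title="${t.userAgent}">${t.message}</td></tr>`;
}

// Hardened viewer: every stored field is encoded at output time, in the
// internal panel itself, regardless of what the public site validated.
function renderTicketSafe(t) {
  return `<tr><td>${escapeHtml(t.id)}</td><td>${escapeHtml(t.name)}</td>` +
         `<td title="${escapeHtml(t.userAgent)}">${escapeHtml(t.message)}</td></tr>`;
}

// Defence in depth for the internal panel (assumed policy): no inline
// script and no script loaded from other origins.
const ADMIN_CSP = "default-src 'self'; script-src 'self'; object-src 'none'; base-uri 'none'";

// Triage helper: name the stored fields that carry markup, so records
// written before the fix can be reviewed.
function fieldsWithMarkup(t) {
  return Object.keys(t).filter((k) => /<[a-z!\/][^>]*>/i.test(String(t[k])));
}

console.log(renderTicketSafe(storedTicket));
console.log(fieldsWithMarkup(storedTicket));
```

Encoding belongs in the back-office viewer because the record may reach it through imports, exports or analytics jobs that never pass through the public site's input checks.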
